wolstech

Your account was suspended because Wordpress is causing too much load. I have unsuspended your account, but please try to limit the load you put on our servers as it slows down not only your site, but the sites of all other HelioHost users sharing your server.<br /><br />This is really common for Wordpress. It can cause massive amounts of load even if you're hardly getting any traffic to your site. Wordpress is also incredibly insecure and very easy to hack. We see Wordpress accounts get hacked all the time and usually the hacker sets up a phishing site on your domain. We strongly recommend using any software other than Wordpress.<br /><br />Something that might help is this simply static Wordpress plugin. It will speed up your site, reduce the load you cause, and reduce your chance of getting hacked. If you try it let us know how it worked out for you.<br /><br />If you insist on using Wordpress you might want to consider purchasing a VPS instead. VPS hosting gives you an entire virtual server to yourself, including no load limits, a dedicated IP address, and full root access. Wordpress sites load relatively slowly on our shared hosting, but they will be much faster on a VPS.

@robertzo: it doesn't matter why an account is archived, once it's archived, there's no way for a user to restore it themselves.

Try resetting your password here: https://johnny.heliohost.org:2083/resetpass?start=1

This requires a donation. If you donated, please post the transaction ID of your donation so we can get this moved for you.

It’s likely concurrent connections causing this. I would bet your app opens more than one when running, even if it closes them when finished. I’m not sure of what the per-user limit currently is, but I think it was somewhere around 5 connections. Krydos would know.

Try this link to reset it instead. Our website likes to have issues sometimes, especially when the servers is seeing high load. https://tommy.heliohost.org:2083/resetpass?start=1

It can take up to 24 hours for it to get a new certificate after you change the domain.

If history is any indication, guy with a botnet is probably mad that he got banned. I did find an account yesterday morning that was hosting a botnet panel and xbalti (a fairly popular bank phishing script)...

Unarchived.

Looks like something broke on Johnny. Apache is down and all the account queues are backed up again...

Unarchived.

The Lily account has been created, but won't work properly until you correct your domain's name servers. You need to get rid of the bigrock name servers seen here and use only ours for it to work properly: https://bybyron.net/php/tools/dns_records.php?domain=shivajisoft.com&rec=NS Please check your PMs for the Lily account information.

I'll create this for you later this morning when I'm at a computer. If you want a specific subdomain to be attached to a Lily account, please remove it from Tommy then let me know what it is. A subdomain can only be attached to one server at a time.

Sent.

Yeah, I don’t see the connection between your account and those other ones either except for the fact that they came from the same country (which admittedly is one that is notorious for phishing). The report he was probably looking at was a multiple account report that I specifically try not to use for general purpose phishing detection (my experience has been that it is much more prone to false positives than the other detection systems we use). Your account was around much longer than those accounts, and did not phish. I’ll resend the invite when I get to a computer. You should get it in the next hour or so.

It's suspended for phishing. If you didn't phish, someone got into your account and did. Phishing accounts cannot be recovered or backed up. The weird part here is I can't figure out why it's suspended for phishing. I don't see any phishing content or mail, don't see an abuse report, and it's not flagged on the abuse scanner either. While it is our policy to not unsuspend phishing bans, for your convenience an invite for a replacement account has been sent to you to create a new account.

It's not being read through Joomla, in fact it's not being read through any code on your account. Every single PHP program in existence is vulnerable to it if they make enough effort. Joomla and WP are just the most frequently targeted due to popularity. The attack script they use literally just guesses where the config files are, because its named the same in every single installation. They enumerate the usernames on the system, then just bulk create symlinks pointed to common locations on the accounts hoping one lands on a config file. If their script guesses correctly, they end up with a valid link. When you do things like put the install in a subfolder, their symlinks will miss the file.

We had this happen to a few others as well, one as recently as a few weeks ago. It's almost always either malware in your CMS or a compromised password, usually either due to human error (fell for phishing?) or a victim of an attack like AnonymousFox, which has been popping up again lately after being quiet for 3 years. If you're unfamiliar with it, AnonymousFox attacks users by doing a "spray and pray" of symlinks for common configuration file names and locations, then viewing the contents. The attacker uses the files to get DB credentials. Traditionally the attacker would use those credentials to add a backdoor admin account to the CMS (this account was often called AnonymousFox and is where the attack's name comes from) then log in and abuse the CMS, typically by either defacing the site or using the CMS to set up phishing or send spam. That said, I've also seen times where they just randomly altered the contents of tables, emptied tables, or dropped them entirely as opposed to using the account for other illegal activity. The fix is: Delete the Joomla install entirely.Change your cPanel password as well as the passwords of any database users you created.Rebuild the Joomla site in a different location (easiest is to just put it a subfolder, or if it's in one already, to rename the subfolder). If it was an AnonymousFox attack that hasn't been caught yet, putting it back in the same place will let the attacker easily grab the new database password to continue attacking you.

He will stop by here and see the post. Sometimes it takes several days or longer for a response.

Unarchived.

The system doesn't support certain symbols. I don't have an exact list of what is and isn't supported, but I do know single and double quotes as well as spaces are especially problematic. For best results, we recommend users use A-Z, a-z, numbers, and the more common symbols like # @ % and $.

WOW. You're already on Tommy, your quota has been increased to its maximum of 5000MB, and your next login date has been pushed out until July 1, 2022 (13 months). Make sure you log in again starting in July 2022 to avoid an inactivity suspension. Thank you for the generous donation!

The email support is currently only manned by one person (Krydos). Most of our support is through this forum. If you post the donation transaction ID here, I can look it up and apply the gifts to your account

Yeah, he has to verify his specific subdomain when setting such a thing up and it's done in the zone editor. The root domain heliohost.us is a shared domain and cannot be owned or verified by a specific user.

Unarchived.